All of us will encounter legacy code, and most of us will ‘inherit’ code to maintain. Even on the freshest of projects, 99% of the time you will encounter some ‘baggage’ code that you will have to maintain. This is especially true as a contractor f
This is probably the most common vulnerability in Internet web apps these days. It consists of injecting client-side scripts into web pages viewed by other users.
What is Cross-Site Scripting?
XSS occurs when an attacker is capable of injecting a
The AJAX paradigm really launched the web into primetime some 10+ years ago, but now it’s almost expected. Now it’s a ubiquitous part of the web landscape. Most web apps now resemble an ‘app’ with regard to their UX and users ‘expect’ con
How to detect and prevent
The only way to detect flaws in your system is through deep testing. Fortunately, there’s a set of tools recommended by OWASP that may help you with this task. W3AF (w3af is a Web Application Attack and Audit Framework), Web
PHP is a language for the web, the most popular one in fact. That’s not to say it’s the best, or the worst for that matter, but the number of webpages powered by PHP outweighs all the other languages including Java, Python, Ruby on Rails, etc. On the
In this post I intend to give some definitions related to injection flaws: what they are, and how you can determine whether your system might be vulnerable to this kind of attack.
In a second part, I will show you some examples and some t
Components instead of Controllers
While Components have been around in some shape or form around the web, Angular 2 is based around these amazingly flexible elements.
Components in AngularJS 2 will entirely replace controllers. In fact, they will also
This blog entry aims to give an overview of security, an introduction to common mistakes, and some tips.
What does web application security mean?
There are several definitions for this question, but we can shorten t
What is headless
There are many great open source software packages out there. Some of the most popular are WordPress, Drupal and Magento. Running these apps headless has been gaining popularity in recent years. But what does that mean?
As I’m sure you know if you are reading this, the AngularJS team is planning for a major version release “very soon” that will include some major paradigm shifts. A lot of the things you learned while teaching yourself AngularJS 1.x will just not be